Beware of Phishing Scams: My Business Facebook Account Was Almost Compromised
Today, my business Facebook account was targeted by a phishing scam. I want to share my experience to help others, especially those unfamiliar with phishing, recognize the risks and warning signs of common attacks like this one.
In this post, I will detail the phishing attempt I encountered, explain how I missed the warning signs, and discuss why antivirus software may not always catch these attacks.
I received an email claiming to be from Meta (Facebook's parent company), stating that one of my posts had several reports of copyright infringement. The timing of the email seemed plausible, so I opened the message without examining it closely. The email contained a link to an appeal form, which led to an invalid URL on my mobile browser. This was the first red flag I missed.
Rushing home, worried that my business account was at risk, I opened the same email in Chrome and again failed to notice the misleading URL prefix or the suspicious sender's address.
Clicking the link, I was taken to a deceptive website that mimicked a Facebook post. It contained another link to an appeal form, which included a misspelled word and pointed to a suspicious domain, another red flag I overlooked.
Finally, after clicking the link, my browser warned me that the site was deceptive. Upon further investigation using a virtual machine, I discovered that the attackers wanted me to fill out a form with my personal and business information.
Phishing Warning Signs I Missed:
Unusual URL prefix: The link contained a suspicious "maximum.m" prefix instead of the standard "m.facebook.com".
Invalid URL on mobile browser: A legitimate Meta or Facebook link should work on any browser.
Suspicious sender's address: The sender's email address was not affiliated with Meta or Facebook.
Deceptive site appearance: The site looked like a Facebook post, rather than an official message or alert from the platform.
Spelling and domain irregularities: The link had a misspelled word and an unrelated domain name.
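As an added example that is not part of the original post, the following Python check applies the link-related warning signs above (unexpected hostname, brand name buried in an unrelated domain, non-HTTPS scheme, credentials hidden before "@") to a URL before it is opened. The allowlist of Meta domains and the sample URLs are my own constructed assumptions, not values from the scam itself.

```python
from urllib.parse import urlsplit

# Assumed allowlist of registrable domains that legitimate Meta/Facebook links use.
TRUSTED_SUFFIXES = ("facebook.com", "meta.com", "fb.com")


def host_is_trusted(host: str) -> bool:
    """True only if host is a trusted domain or a real subdomain of one.
    The dot-boundary check rejects lookalikes such as facebook.com.evil.example."""
    host = host.lower().rstrip(".")
    return any(host == s or host.endswith("." + s) for s in TRUSTED_SUFFIXES)


def check_link(url: str) -> list[str]:
    """Return the warning signs found in a URL; an empty list means none were detected."""
    findings = []
    parts = urlsplit(url)
    host = (parts.hostname or "").lower()
    if not host:
        return ["not a valid URL"]
    if parts.scheme != "https":
        findings.append(f"scheme is {parts.scheme!r}, not https")
    if not host_is_trusted(host):
        findings.append(f"host {host!r} is not a Meta/Facebook domain")
        # Brand string present but not in the registrable position, e.g. m.facebook.com.evil.example
        if any(s in host for s in TRUSTED_SUFFIXES):
            findings.append("brand name appears inside an unrelated domain (lookalike)")
    if parts.username or parts.password:
        findings.append("URL carries credentials before '@' to disguise the real host")
    return findings


if __name__ == "__main__":
    # Constructed sample links: one legitimate, three mimicking the tricks described above.
    samples = [
        "https://m.facebook.com/help",
        "https://maximum.m.facebook.com.appeal-form.example/form",
        "http://maximum.m/appeal",
        "https://m.facebook.com@evil.example/appeal",
    ]
    for url in samples:
        print(url, "->", check_link(url) or "no warning signs found")
```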